QUOCIRCA INSIGHT REPORT
Addressing a growing problem
Contacts:
Fran Howarth
Quocirca Ltd
Tel +31 35 691 1311
Fran.howarth@quocirca.com
Rob Bamforth
Quocirca Ltd
Tel +44 7802 175796
Rob.bamforth@quocirca.com
Branko Miskov
BlueCat Networks
Tel +1 416 646 8398
bmiskov@bluecatnetworks.com
REPORT NOTE:
This report has been
written independently by
Quocirca Ltd to address
certain issues found in
today’s organisations. The
report draws on
Quocirca’s extensive
knowledge of the
technology and business
arenas, and provides
advice on the approach
that organisations should
take to create a more
effective and efficient
environment for future
growth.
During the preparation of
this report, Quocirca has
spoken to a number of
suppliers and customers
involved in the areas
covered. We are grateful
for their time and insights.
Quocirca would like to
thank BlueCat Networks
for its sponsorship of this
report.
January 2009
An explosion of IP addresses
Given today’s economic climate, businesses are, more than ever, looking to create additional
value through the reduction of risk and by saving costs. For many, the economic downturn is
seen as the best time to optimise the infrastructure that they already have in place, to look at
ways to trim unnecessary expenditure and to use existing resources more effectively. As
organisations are increasingly reliant on data networks that encompass an ever-growing
range and number of internet protocol (IP) enabled devices and applications, they need to
more effectively administer and manage these assets—they can no longer take the
management of their IP networks for granted.
IP Address Management (IPAM) is an essential service for managing an
organisation’s IP infrastructure, but is often neglected by IT departments
IPAM involves the allocation, classification and management of all IP addresses for
securely controlling network access. However, many organisations use rudimentary
manual methods, such as spreadsheets, that are costly and inefficient, and are often out
of date and error prone.
The proliferation of IP-connected devices is leading to an overload of IP addresses
that have to be managed
Not only mobile IT devices and smart phones, but Voice over IP (VoIP), Radio
Frequency Identification (RFID) and other devices used for industrial automation each
have IP addresses associated with them that need to be managed. This can lead to the
number of IP addresses in use growing exponentially.
Not only is the number of IP addresses in use by organisations growing, but each
address is becoming more complex
The IP address system most commonly in use today—IPv4—was put in place in 1977
and the number of available addresses is fast running out. Its successor—IPv6—provides
a seemingly limitless stock of IP addresses as each address space is a 128-bit string, as
opposed to the 32-bit space of IPv4. Although both systems will run in parallel for some
time to come, the switchover to IPv6 will increase the complexity of manually
administering and processing each IP address.
Technologies to automate the allocation, classification and tracking of all IP
addresses in use are available and these can also be used to manage other closely
related technologies, including Domain Name System (DNS), Dynamic Host
Configuration Protocol (DHCP) and endpoint security solutions
IPAM tools provide greater visibility into IP networks, as well as enhancing the accuracy
and simplification of management tasks, allowing organisations increased control over
costs and productivity, and providing greater control over the security of networks.
The benefits of IPAM are tangible, promising to slash costs from the bottom line
and help achieve compliance objectives
Organisations can use such technology to account for which IP addresses are in use and
who is using them, which will boost their governance efforts.
Conclusions
Organisations today are reliant on their IP infrastructure, and with more and more IP devices
in use, that reliance is growing. By implementing IPAM tools, organisations of any size can
reduce their dependence on the manual processes that impact the productivity of limited IT
management resources and bring down costs by gaining better control of essential business
assets.
An independent study by
Quocirca Ltd.
www.quocirca.com
Addressing a growing problem—IPAM Page 2

CONTENTS

1. INTRODUCTION ........................................................................................................................................................................ 3
2. AN INTRODUCTION TO IPAM ............................................................................................................................................... 3
3. WHY SHOULD WE CARE ABOUT IPAM NOW?................................................................................................................. 3
4. FOR MANY, IPAM IS A GROWING MANAGEMENT HEADACHE................................................................................. 4
5. AUTOMATING THE IPAM PROCESS ................................................................................................................................... 5
6. THE BENEFITS OF IPAM ........................................................................................................................................................ 5
7. CONCLUSION ............................................................................................................................................................................ 6
ABOUT BLUECAT NETWORKS ..................................................................................................................................................... 7
ABOUT QUOCIRCA .......................................................................................................................................................................... 8

© 2009 Quocirca Ltd www.quocirca.com January 2009

Addressing a growing problem—IPAM
1. Introduction
By the end of 2008, around 1.5
billion individuals around the
world will have internet access.
In November 2007, mobile
phone users numbered 3.3
billion, with a growing
proportion of those mobile
devices enabled for internet
access. Each device accessing
the internet has its own Internet
Protocol (IP) address associated with it, allowing it to
be uniquely identified.
In computing terms, a protocol is a set of rules
governing the exchange or transmission of data
between devices. IP is a protocol for sending data from
one computational device to another on the internet,
other public networks, or even internal private
networks. Each IP address needs to be unique so that
the network knows where to send packets of
information. According to the Internet Engineering
Task Force (IETF), the role of an IP address is as
follows: “A name indicates what we seek; an address
indicates where it is; a route indicates how to get
there.”
As the use of computational devices is growing
exponentially, the number of IP addresses required
expands likewise. For a large organisation with tens of
thousands of employees, this can mean that its IP
address list could outstrip the largest of phone books.
Even a small organisation can find itself managing
hundreds, if not thousands, of IP addresses.
Because of this, the administration of huge pools of IP
addresses has become a headache for many
organisations, with poor management leading to the
risk of unknown or unaccounted-for IP addresses
connecting to the network. This could lead to poor
visibility over which host computers and devices have
inbound or outbound connectivity to the network, such
as open links to former employees or business partners
that could be compromised.
By automating the management of IP addresses,
companies can improve their security posture whilst
gaining greater control of network assets. Faced with
the imperative of cost cutting in today’s challenging
economic environment, organisations are tasked with
optimising the infrastructure that they already have in
place, looking at ways to trim unnecessary expenditure
and utilise existing resources more effectively.
This paper aims to show how organisations can use IP
Address Management (IPAM) tools to regain control
of their IP networks and show the benefits that they
can achieve in doing this.
© 2009 Quocirca Ltd www.quocirca.com
Page 3
2. An introduction to IPAM
IPAM is the allocation, classification and tracking of
all IP addresses in use by a given organisation, and can
also be used to manage other closely related
technologies. These include domain name system
(DNS) servers, which are used to locate and translate
domain names into IP addresses, serving as the glue
that connects a network infrastructure with business
applications, and dynamic host configuration protocol
(DHCP) servers. DCHP is used for assigning addresses
on the fly to devices such as printers, laptops and other
mobile IP-connected devices and for associating where
the device is in the network. IPAM, DNS and DHCP
are often neglected by IT management, but they
provide crucial services with regard to the availability,
accessibility, performance and security of network
applications.
With their centralised architecture and management
capabilities, IPAM systems can be used more
efficiently to manage not only IP addresses, but also
naming conventions used in the organisation and the
DNS and DHCP servers in order to provide highly
available DNS and DHCP network services. If DNS
and DHCP servers are not correctly managed, a failure
of the DNS server would lead to domain names not
being mapped to IP addresses and network clients not
mapping to servers. For example, email systems
require DNS in order to determine where the mail is to
be sent. If the DNS service fails, this will result in loss
of email services as well.
3. Why should we care about
IPAM now?
Until recently, the need for effective management of IP
addresses was mostly confined to larger organisations
with thousands, or tens of thousands, of network users
that had to be provisioned, leaving IT resources
struggling to ensure that the IP address was managed
correctly and efficiently. However, one key factor that
is making efficient management of IP address
allocation a pressing concern for all businesses today,
even small ones, is the proliferation of IP-connected
devices, in particular mobile phones. By some
estimates, around 250 million of all mobile phones that
will be shipped in 2009 will be IP-enabled smart
phones that offer internet connectivity along with a
host of other services, and Yahoo! estimates that more
users will access the internet via mobile devices than
fixed computers by 2016.
Many of these will be used to access a given
organisation’s internal network for business purposes,
such as for checking work schedules or remotely
clocking in to work.
January 2009
Addressing a growing problem—IPAM
As well as mobile devices, a host of other devices in
use in organisations, such as physical access control
systems, building automation systems, cash registers
and many industrial devices, are increasingly being IP-
enabled and made accessible over the network. Voice
over IP (VoIP) phones are also coming into greater use
in businesses, owing to the reduced cost of
communications that they offer by routing calls over IP
networks, and usage is set to increase dramatically.
Another technology that is increasing the number of IP
addresses that need to be managed is Radio Frequency
Identification (RFID), which offers opportunities for
streamlining supply chains, security tracking and other
monitoring. Finally there is also an increased use of
virtualisation, which reduces resource and hardware
usage, but expands the number of IP addresses for each
virtual machine in use.
4. For many, IPAM is a growing
management headache
Given the rise not just in computer usage, but in the
growing number of devices and applications that need
to be provisioned with an IP address in order to
connect to networks, the number of IP addresses in use
is spiralling and it is now common for most computer
users to have multiple IP addresses associated with
them. Even in a small company with just a hundred
employees, the use of technologies such as VoIP and
mobile devices can mean that they now have hundreds
of IP addresses to manage.
However, many organisations attempt to manage
allocation of these IP addresses by using spreadsheets
or databases, which can be too easily or accidentally
modified or contain errors. Management by
spreadsheet is error prone. According to studies cited
by the European Spreadsheet Risks Interest Group,
90% of spreadsheets contain errors. But the problem is
only going to get worse because the current IP address
system—IPv4—that was put in place in 1977 is
running out of available addresses. IPv4 uses a 32-bit
string for each address, giving just under 4.3 billion
possible unique address combinations. However, the
clock is ticking. By October 2007, it was estimated that
83% of all available IPv4 addresses had been allocated
and, in September 2008, the China Internet Network
Information Centre estimated that it had only 830
days’ worth of IPv4 resources left.
One solution often used to tackle address space
limitations is network address translation (NAT). NAT
is the translation of an IP address used in one network
to one used in another. It allows an organisation to map
its local network addresses to one or more external IP
addresses. This reduces the need for a large number of
publicly known IP addresses by creating a separation
between publicly known and privately known
addresses. NAT is a useful way to insulate internal
networks and has extended the use of IPv4 addresses
© 2009 Quocirca Ltd www.quocirca.com
Page 4
but it cannot put off the imperative to move to IPv6
indefinitely.
To address this problem, IPv6 was developed in 1996,
potentially providing 340 trillion, trillion, trillion IP
addresses, which will be allocated in far larger blocks
than IPv4. The reason why IPv6 can provide so many
unique address combinations is that the range of
numbers available to define each address is
substantially larger with 128 bits than with 32. IPv6
addresses also use the base-16 hexadecimal numbering
system that combines the use of numbers and letters,
rather than just numbers as in IPv4. This makes it even
more of a management headache if IP address
allocation is handled manually, especially given the
potential for human error.
To date, the switch from IPv4 to IPv6 has been a low
priority—especially since not all technology
manufacturers have embraced IPv6 until recently.
However, that will change fast as it enjoys more
widespread support and as governments worldwide
start to push for a migration to IPv6. The EU set a
target in May 2008 of getting 25% of EU industry,
public sector organisations and households to use IPv6
by 2010, saying that the explosion in use of electronic
devices will lead to a thousand-fold increase in the
number of IP addresses. It is considering making IPv6
a condition of acceptance in public sector procurement
contracts. The US government mandated the use of
IPv6 by all its contractors in mid-2008 and many other
governments, including the Japanese and Chinese, are
actively encouraging the rollout of public IPv6
networks.
Table: The key drivers for IPAM
Exploding use of mobile devices for accessing
networks
Fast expanding use of IP-enabled devices and
applications, including RFID tags and virtual
devices
Conversion to IPv6—the requirement to manage
much larger addresses
Need for reconciling IP usage with corporate
policies and governance requirements
Increased productivity of workflow and processes
associated with manual IPAM
Auditing of and reporting on all IP usage on the
network for greater visibility and control
January 2009
Addressing a growing problem—IPAM
5. Automating the IPAM process
To facilitate provisioning and management of IP
addresses to all applications, devices and users that
need them, organisations are increasingly turning to
the use of automated IPAM technology. IPAM tools
integrate processes surrounding IP address
management to provide greater visibility into IP
networks, enhanced data accuracy and simplified
management of all tasks. This enables IT
administrators to more effectively track actual IP usage
on the organisation’s network, performing essential
tasks such as uncovering the use of IP addresses that
have not been authorised by the organisation and that
could otherwise be used to allow rogue devices or
users to access sensitive network resources.
IPAM can help reduce costs and squeeze more
productive value from existing resources—an aim of
any organisation in a downturn, as discussed earlier. A
key concern is to reduce costs and increase
productivity by automating the remaining manual
processes—and many organisations will find that the
annual cost of labour alone for manually administering
and managing IP address allocation exceeds the cost of
purchasing a more appropriate tool.
In terms of productivity, IPAM technologies provide
organisations with simplified management procedures.
This not only cuts down on the manual processes
involved in allocating and managing the IP
infrastructure, but also allows tasks to be delegated to
more junior administrators, freeing up costlier, more
senior resources to focus on more advanced tasks and
improving the productivity of IT overall.
Checklist: Essential elements of IPAM
Ability to manage a device profile for every IP
address and accurately track the status of each
address
Centralised management capabilities for assigning
and managing address information
Integrated graphical user interface to allow
administrators to more easily search, audit and
check for errors
Integration with security controls and tools, such as
endpoint and network access control tools, and a
built-in firewall
Scalability to multiple networks, domains and
divisions so that all sub-networks are brought
under control
Support for existing DNS and DHCP servers and
directories
Coverage for all devices in use in the organisation
Platform-neutral—broad operating system and
© 2009 Quocirca Ltd www.quocirca.com
Page 5
platform support
Delegation features, so a senior administrator can
assign responsibility for particular domains or sub-
nets to junior administrators
Reporting and auditing capabilities
High level of fault tolerance
6. The benefits of IPAM
IPAM tools enable the integration and automation of
business processes that are used to manage the IP
infrastructure, allowing organisations to cut the
management costs, increase productivity and better
control resource allocation. By knowing which IP
addresses are in use in the organisation and who is
using them, conflicts and network outages can be
reduced, critical assets tracked, and security issues
brought under better control. For example,
organisations will be in a position to eliminate users
and devices with unauthorised IP addresses that can
access network resources, leading to more efficient
resource utilisation.
Owing to the centralised control that IPAM provides,
organisations can benefit from greater visibility that
can help boost governance and regulatory compliance
efforts, as the audit trail that is generated allows them
to better prove how resources are being accessed and
by whom.
Because IPAM can help organisations to not only
reduce the cost of IT administration and business
operations, but also reduce risk throughout the
organisation, they are suitable candidates for
organisations looking to cut costs in a depressed
economy. In such times, achieving superior, efficient
and cheaper operations is a prime goal.
Another benefit in a struggling economy is that rapidly
planned mergers and acquisitions occur—as is being
seen in the financial sector, where failing banks are
being acquired by their competitors. In such situations,
disparate networks need to be consolidated quickly.
IPAM technologies have a role to play in such
situations, allowing organisations to reduce the costs of
integrating the IP infrastructures through providing
streamlined administration of processes involved in
consolidating networks.
January 2009
Addressing a growing problem—IPAM
7. Conclusion
IPAM technology automates the essential tasks
involved in the administration and management of IP
networks. Today, many of the processes involved are
performed manually, increasing the risk of error, and
are a drain on cost containment and productivity. Poor
management of IP resources increases the risk of
unknown or non-compliant devices connecting to the
network, leaving an organisation less able to control
who is accessing what resources on the network.
The problems involved in using manual processes to
manage network infrastructure will only be
exacerbated as networks grow in size and complexity.
As more and more smart devices are IP-enabled to
allow them to access networks, this will vastly expand
the number and range of IP addresses that must be
provisioned and controlled. Administrative tasks are
also set to grow in complexity as IP addresses grow in
size and number with the worldwide conversion of
networks from IPv4 to IPv6, vastly increasing the
number of IP addresses available for use.
© 2009 Quocirca Ltd www.quocirca.com
Page 6
IPAM products add a layer of intelligence to the tasks
of administering and managing IP address allocation
and work in combination with related technologies
such as DNS and DHCP services to add a vital layer of
control and security to network operations. This
increases visibility into the core business processes
involved, enabling costs to be controlled through
automation of those processes and boosting security
through greater control of network access.
Since its inception, IPAM technologies have matured
beyond simple management of DNS and DHCP
services to become mainstream tools for organisations
to reduce costs and risks in order to help drive better
business value from networks.
As the global IP infrastructure continues to expand, the
use of such tools are no longer exclusive to large
enterprises. Even small and medium-sized businesses
can have large volumes of IP addresses to administer
and manage. By implementing IPAM tools,
organisations of all sizes can reduce their reliance on
manual processes that undermine the productivity of
scarce IT resources and better control costs by gaining
control of essential network assets.
January 2009
Addressing a growing problem—IPAM Page 7

About BlueCat Networks

BlueCat Networks, the IPAM Intelligence Company™, is a privately held profitable and rapidly growing leading
provider of enterprise-class IP Address Management (IPAM) platforms and secure DNS/DHCP network administration
appliances. Today, many thousands of BlueCat’s award-winning Proteus™ IPAM platforms and Adonis™ family of
DNS/DHCP appliances have been successfully deployed to meet the rising IP management demands of small/medium
enterprises, government, military, financial services, insurance, educational, retail and manufacturing organisations in
over 32 countries. Over 300 of the global Fortune 1000 firms—including government classified and unclassified
networks—rely on BlueCat to secure their networks.

BlueCat differentiates itself from the competition with its ongoing commitment to developing the most advanced IP
Address Management solutions that deliver a benchmark-setting network experience for customers that is based on
efficiency, reliability, and workflow. We listen to our customers to design and deliver the solution they need, while our
professional services team is available to deliver expert onsite service for the completion of a successful deployment.
Our exceptional dedication to client care makes BlueCat the industry leader of choice. With over 120 full-time staff,
BlueCat provides world-class, end-to-end DNS/DHCP and IPAM solutions.

BlueCat has headquarters in Toronto, Ontario, Canada and regional offices established in 8 cities as well as in Germany
and the UK. BlueCat’s handpicked strategic partners further extend its global footprint throughout Europe, the Middle
East and Asia Pacific.

Contact:
Branko Miskov
Director, Product Management
BlueCat Networks Inc.
North America
Phone: +1.416.646.8398
Email: bmiskov@bluecatnetworks.com

© 2009 Quocirca Ltd www.quocirca.com January 2009

Addressing a growing problem—IPAM Page 8

About Quocirca
Quocirca is a primary research and analysis company specialising in the business impact of information technology and
communications (ITC). With world-wide, native language reach, Quocirca provides in-depth insights into the views of
buyers and influencers in large, mid-sized and small organisations. Its analyst team is made up of real-world
practitioners with firsthand experience of ITC delivery who continuously research and track the industry in the
following key areas:
Business process evolution and enablement
Enterprise solutions and integration
Business intelligence and reporting
Communications, collaboration and mobility
Infrastructure and IT systems management
Systems security and end-point management
Utility computing and delivery of IT as a service
Sustainability and environmental issues
IT delivery channels and practices
IT investment activity, behaviour and planning
Public sector technology adoption and issues
Integrated print management

Through researching perceptions, Quocirca uncovers the real hurdles to technology adoption—the personal and
political aspects of an organisation’s environment and the pressures of the need for demonstrable business value in any
implementation. This capability to uncover and report back on the end-user perceptions in the market enables Quocirca
to advise on the realities of technology adoption, not the promises.
Quocirca research is always pragmatic, business orientated and conducted in the context of the bigger picture. ITC has
the ability to transform businesses and the processes that drive them, but often fails to do so. Quocirca’s mission is to
help organisations improve their success rate in process enablement through better levels of understanding and the
adoption of the correct technologies at the correct time.
Quocirca has a pro-active primary research programme, regularly surveying users, purchasers and resellers of ITC
products and services on emerging, evolving and maturing technologies. Over time, Quocirca has built a picture of long
term investment trends, providing invaluable information for the whole of the ITC community.
Quocirca works with global and local providers of ITC products and services to help them deliver on the promise that
ITC holds for business. Quocirca’s clients include Oracle, Microsoft, HP, IBM, T-Mobile, Xerox, Vodafone, EMC,
Symantec and Cisco, along with other large and medium sized vendors, service providers and more specialist firms.
Sponsorship of specific studies by such organisations allows much of Quocirca’s research to be placed into the public
domain at no cost. Quocirca’s reach is great—through a network of media partners, Quocirca publishes its research to a
possible audience measured in the millions.
Quocirca’s independent culture and the real-world experience of Quocirca’s analysts ensure that our research and
analysis is always objective, accurate, actionable and challenging.
Quocirca reports are freely available to everyone and may be requested via www.quocirca.com.
Contact:
Quocirca Ltd
Mountbatten House
Fairacres
Windsor
Berkshire
SL4 4LE
United Kingdom
Tel +44 1753 754 838